It has been confirmed this morning (12.17.2015)by Hykem himself via gbatemp. no kernel access is needed to use the exploit and will work up to current firmware (5.5). I believe it will be the exploit itself or the game needed for the exploit which is nothing of significance yet until people develope homebrews for it

More facts:
- I don't need nor would I accept donations. I appreciate the gesture, truly, but I don't need the money. I believe donations should be considered in the future for people that will pick up on the new access the IOSU gives and develop solid homebrew for the Wii U, those are the people that will need donations, not me.
- The exploit works solely from the Internet Browser. No specific games, no eShop stuff, nothing.

Thank you Hykem,
So since it works on from the internet browser, does that mean we'll need a browser exploit that works already on our version? or the package you're providing already works on browsers up to 5.5.0 ?
It will require a separate WebKit exploit first. It's not a problem for firmwares 2.0.0 to 5.3.2, but firmware versions 5.4.0 and 5.5.0 still need to have a proper exploit done. This is being worked on as well (it would be a bit pointless to release a working IOSU exploit without the WebKit entry points for 5.4.0/5.5.0).
In other words, the goal is to release everything at once, giving people more than enough time to prepare themselves. It wouldn't be fair to release the exploit only for up to 5.3.2 and leave 5.4.0/5.5.0 users in the dust.

iCEQB said: ↑
@Hykem can IOSU manipulate kernel space in RAM ?
Or do we still need a kernel exploit for everything kernel related?
So far the plan looked to me like you need 3 exploits chained together to gain full control of the console (userspace -> kernel -> IOSU).
My understanding was that IOSU is related to hardware (device) access and crypto stuff rather than controling the kernel etc. that's why I ask.
Yes, the IOSU can manipulate all the PPC kernel memory.
Our initial plan was indeed to chain together PPC userland and PPC kernel to attack the IOSU, but, in a lucky turn of events, I managed to exploit a bug that works straight from PPC userland (yes, corrupted data is passed right through the PPC kernel into the IOSU userland).
The IOSU is a custom OS running on a separate ARM processor and is indeed related to hardware access, crypto, title management and all that. It's also responsible for launching the PPC kernel binary, so it had to be able to access it.
IOSU also has a userland and a kernel and, in fact, the first thing I attempted was to overwrite PPC kernel memory with IOSU userland access (kernel access is not even needed to mess with the PPC processor).
Maximilious said: ↑
Sadly Hykem, it's probably best to just stay tight lipped about it anymore. Every post with information causes the masses to spew out 10,000 more questions. Thank's for the input and am glad you were finally able to break the big IOSU wall and earn your stamp. Can't wait to see what will be released in the coming weeks!
I agree. All the necessary information will be eventually released.